Hacktivism on the rise: how politicised cyber-attacks are undermining democracy

This month news surfaced that key UK infrastructure – including the Post Office and banks – had been subject to an attack by Iranian hackers. And while the story undoubtedly grabbed headlines, the attack was far from a one-off. Instead, it was the latest in a series of politically motivated cyber assaults, and as the tactic gains rapid traction, world leaders and governments are being forced to rethink their cyber strategies.

Political turmoil powering cyber attacks

Political
disruption provides a ripe ground for cyber-attacks against governments and
international institutions; according to NETSCOUT, political and
ideological disputes represent the third greatest motivation for launching distributed denial of
service (DDoS) attacks. With the current political turmoil fueled by events
such as Brexit, coupled with greater availability of tools to take down
websites and attack infrastructure, political hacktivism has become rife. DDoS
attacks against the International Affairs sector – which includes the United
Nations, the International Monetary Fund, and foreign consulates and embassies
– for example, increased by almost 200% H2 2017 and H2 2018.

Destabalising democracy

Major incidents
include the purported attack surrounding the EU referendum, with MPs suggesting that the “register to vote” site crashing
could have been the result of a foreign cyber-attack. Russian infiltration in
the 2016 US Presidential elections meanwhile wielded significant harm to
Hillary Clinton’s campaign through the theft of over 150,000 emails and
documents which led to the indictment of 12 Russian intelligence officers.

The attacks
against Clinton and the Democratic party in particular highlight the huge scale
damage that can be brought about by political cyber-attacks; writing in The Guardian, Professor Kathleen Hall Jamieson
argues that “the theft and leaking of Democratic emails were key to Clinton’s
election defeat,” and resulted in the media being dominated by anti-Clinton
news that swayed public opinion. Alongside the huge risks associated with
sensitive data being exposed, polticised cyber attacks can prevent the public
from accessing information, and can hamper voter registration, ultimately
presenting a major challenge to democracy, election integrity and nation
states’ sovereignty.

Cyber challenges fueling government policy

Against this landscape, political leaders are understandably concerned and are being forced to adopt a more hardline approach to cybersecurity. Writing earlier in the year, the Washington Post asserts that “election security will be the hot new Democratic campaign issue” in the upcoming 2020 candidate race, and notes a major shift from 2016 when cybersecurity only played a minor role. On the other side of the Atlantic, the UK government has been forced to respond to growing instances of political hacktivism from Iran and Russia, announcing in a statement that:

“The UK and its allies are once again united in demonstrating that the international community will stand up against cyber-attacks by other governments and that we will work together to respond to them.”

However,
with the threat increasing, and potentially our entire democratic process at
stake, words alone aren’t enough; it is critical that governments continue to
educate themselves about evolving political threats, and work together to
protect their country, their citizens and their sovereignty. To support this,
closer cooperation with the private sector will be key. In 2018, a number of
tech firms offered free products to help secure the US midterm elections, with
greater collaboration between the public and private sector likely to take
place in the future. From a PR standpoint, such initiatives, if
well-coordinated, can both drive media traction and demonstrate corporate
social responsibility in protecting democracy, as we saw last year. Although
the companies received some media flack for their lack of coordination, the
overall sentiment was positive.

As May’s
European elections approach and America counts down to the Democratic
primaries, observers will be keenly watching to see how attacks manifest themselves,
and whether lessons have been learned from past assaults. While the attacks
themselves might not be predictable, one thing is clear: the risk is both real,
and escalating, and governments and businesses must work together to combat
political hacktivism, and protect democracy.

At Babel, we recognise that in a world where
hackers can be motivated by political or financial incentives – or just simply
want to cause disruption – businesses need to know how to protect their
organisation, stakeholders, reputations and bottom line. We work with clients
across the technology sector to help them prepare for crises, and manage communications
should a crisis occur. For more information, or to speak to a member of the
Babel team about your businesses’ crisis strategy please get in touch.